SDN: When i turn on "Automatic DHCP" in SDN simple zone my VM or LXC does not start

[arendNL]

Proxmox version 9.0.10

When i turn off "Automatic DHCP" in SDN simple zone my VM or LXC are able to start again.

But when i turn it on my VM and LXC give the following output and do not start.

LX
run_buffer: 571 Script exited with status 11
lxc_init: 845 Failed to run lxc.hook.pre-start for container "101"
__lxc_start: 2039 Failed to initialize container "101"
TASK ERROR: startup for container '101' failed

VM
org.freedesktop.DBus.Error.ServiceUnknown: The name uk.org.thekelleys.dnsmasq.simple1 was not provided by any .service files
kvm: -netdev type=tap,id=net0,ifname=tap102i0,script=/usr/libexec/qemu-server/pve-bridge,downscript=/usr/libexec/qemu-server/pve-bridgedown,vhost=on: network script /usr/libexec/qemu-server/pve-bridge failed with status 2816
TASK ERROR: start failed: QEMU exited with code 1

Any idea how to solve this? Please let me know what files or settings to check

 

[shanreich]

Did you define a DHCP range in the subnet configuration?
Is dnsmasq installed according to documentation? [1]

[1] https://pve.proxmox.com/pve-docs/pve-admin-guide.html#pvesdn_install_dhcp_ipam

 

[arendNL]

yes, DHCP range set to 10.10.10.110 - 10.10.10.149

i did indeed install dnsmasq
apt update
apt install dnsmasq
# disable default instance
systemctl disable --now dnsmasq

 

[shanreich]

Can you post the task log of applying the SDN configuration?

 

[arendNL]

i now also had a few times that connectivity to my node (pve) was gone. I rebooted and node was back online. I think i need to first do a fresh install of my node as well

 

[arendNL]

"Can you post the task log of applying the SDN configuration?" <-- what command should that be on the node?

 

[shanreich]

You should find this in the Web UI in the Task History of the node, there should be a task named 'SRV Networking - Reload'. You can directly download the task log there. The filter for that task type is 'srvreload'.

 

[arendNL]

Output of 'SRV Networking - Reload'

Removed '/etc/systemd/system/multi-user.target.wants/dnsmasq@simple1.service'.
Created symlink '/etc/systemd/system/multi-user.target.wants/dnsmasq@simple1.service' -> '/usr/lib/systemd/system/dnsmasq@.service'.
TASK OK

i just did a reboot of the pve node and now both LXC and VM have connectivity again which is nice but i dont know what the cause was.

 

[shanreich]

Could you post the output of the following commands?

systemctl status dnsmasq
systemctl status dnsmasq@simple1

Additionally, your network / SDN configuration would be interesting:

ip a
ip r

cat /etc/network/interfaces
cat /etc/network/interfaces.d/sdn

grep -r '' /etc/pve/sdn

 

[arendNL]

root@pve100:~# systemctl status dnsmasq
○ dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; disabled; preset: enabled)
Active: inactive (dead)
Docs: man:dnsmasq(8)
root@pve100:~# systemctl status dnsmasq@simple1
● dnsmasq@simple1.service - dnsmasq (simple1) - A lightweight DHCP and caching DNS server
Loaded: loaded (/usr/lib/systemd/system/dnsmasq@.service; enabled; preset: enabled)
Drop-In: /usr/lib/systemd/system/dnsmasq@.service.d
└─00-dnsmasq-after-networking.conf
Active: active (running) since Tue 2025-09-23 11:30:45 CEST; 14min ago
Invocation: ced4fbe6f0914783a8c916ff7a62329b
Docs: man:dnsmasq(8)
Process: 3269 ExecStartPre=/usr/share/dnsmasq/systemd-helper checkconfig simple1 (code=exited, status=0/SUCCESS)
Process: 3274 ExecStart=/usr/share/dnsmasq/systemd-helper exec simple1 (code=exited, status=0/SUCCESS)
Process: 3281 ExecStartPost=/usr/share/dnsmasq/systemd-helper start-resolvconf simple1 (code=exited, status=0/SUCCESS)
Main PID: 3280 (dnsmasq)
Tasks: 1 (limit: 154217)
Memory: 720K (peak: 3.6M)
CPU: 35ms
CGroup: /system.slice/system-dnsmasq.slice/dnsmasq@simple1.service
└─3280 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.simple1.pid -u dnsmasq -7 "/etc/dnsmasq.d/simple1,*.conf" --conf-file=/dev/null --enable-dbus=uk.org.thekelley>

Sep 23 11:30:45 pve100 dnsmasq[3280]: compile time options: IPv6 GNU-getopt DBus no-UBus i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset nftset auth DNSSEC loop-detect in>
Sep 23 11:30:45 pve100 dnsmasq[3280]: DBus support enabled: connected to system bus
Sep 23 11:30:45 pve100 dnsmasq-dhcp[3280]: DHCP, static leases only on 10.10.10.0, lease time infinite
Sep 23 11:30:45 pve100 dnsmasq-dhcp[3280]: IPv6 router advertisement enabled
Sep 23 11:30:45 pve100 dnsmasq-dhcp[3280]: DHCP, sockets bound exclusively to interface VNet1
Sep 23 11:30:45 pve100 dnsmasq[3280]: reading /etc/resolv.conf
Sep 23 11:30:45 pve100 dnsmasq[3280]: using nameserver 192.168.2.1#53
Sep 23 11:30:45 pve100 dnsmasq[3280]: cleared cache
Sep 23 11:30:45 pve100 dnsmasq-dhcp[3280]: read /etc/dnsmasq.d/simple1/ethers
Sep 23 11:30:45 pve100 systemd[1]: Started dnsmasq@simple1.service - dnsmasq (simple1) - A lightweight DHCP and caching DNS server.
root@pve100:~#
root@pve100:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master vmbr0 state UP group default qlen 1000
link/ether 18:60:24:a2:92:91 brd ff:ff:ff:ff:ff:ff
altname enp0s25
altname enx186024a29291
3: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 18:60:24:a2:92:91 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.100/24 scope global vmbr0
valid_lft forever preferred_lft forever
inet6 fe80::1a60:24ff:fea2:9291/64 scope link proto kernel_ll
valid_lft forever preferred_lft forever
4: VNet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether ee:59:f4:a4:45:4e brd ff:ff:ff:ff:ff:ff
inet 10.10.10.1/24 scope global VNet1
valid_lft forever preferred_lft forever
inet6 fe80::4491:d5ff:fea0:ba4a/64 scope link proto kernel_ll
valid_lft forever preferred_lft forever
5: tap100i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc fq_codel master fwbr100i0 state UNKNOWN group default qlen 1000
link/ether 2e:22:dd:97:1a:f1 brd ff:ff:ff:ff:ff:ff
6: fwbr100i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 6e:0a:c4:d1:da:ab brd ff:ff:ff:ff:ff:ff
7: fwpr100p0@fwln100i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP group default qlen 1000
link/ether 76:59:8d:6b:c3:4d brd ff:ff:ff:ff:ff:ff
8: fwln100i0@fwpr100p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr100i0 state UP group default qlen 1000
link/ether 6e:0a:c4:d1:da:ab brd ff:ff:ff:ff:ff:ff
9: veth101i0@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr101i0 state UP group default qlen 1000
link/ether fe:c7:b7:56:e1:7f brd ff:ff:ff:ff:ff:ff link-netnsid 0
10: fwbr101i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 4a:f7:fa:69:5f:a3 brd ff:ff:ff:ff:ff:ff
11: fwpr101p0@fwln101i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master VNet1 state UP group default qlen 1000
link/ether ee:59:f4:a4:45:4e brd ff:ff:ff:ff:ff:ff
12: fwln101i0@fwpr101p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr101i0 state UP group default qlen 1000
link/ether 4a:f7:fa:69:5f:a3 brd ff:ff:ff:ff:ff:ff
13: tap102i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc fq_codel master fwbr102i0 state UNKNOWN group default qlen 1000
link/ether ee:49:26:dd:17:b8 brd ff:ff:ff:ff:ff:ff
14: fwbr102i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 22:88:68:c9:ca:4a brd ff:ff:ff:ff:ff:ff
15: fwpr102p0@fwln102i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master VNet1 state UP group default qlen 1000
link/ether 42:78:34:46:af:04 brd ff:ff:ff:ff:ff:ff
16: fwln102i0@fwpr102p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr102i0 state UP group default qlen 1000
link/ether 22:88:68:c9:ca:4a brd ff:ff:ff:ff:ff:ff
root@pve100:~#
root@pve100:~#
root@pve100:~# ip r
default via 192.168.2.1 dev vmbr0 proto kernel onlink
10.10.10.0/24 dev VNet1 proto kernel scope link src 10.10.10.1
192.168.2.0/24 dev vmbr0 proto kernel scope link src 192.168.2.100
root@pve100:~#
root@pve100:~#
root@pve100:~# cat /etc/network/interfaces
auto lo
iface lo inet loopback

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet static
address 192.168.2.100/24
gateway 192.168.2.1
bridge-ports eno1
bridge-stp off
bridge-fd 0

source /etc/network/interfaces.d/*
root@pve100:~#
root@pve100:~#
root@pve100:~# cat /etc/network/interfaces.d/sdn
#version:14

auto VNet1
iface VNet1
address 10.10.10.1/24
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j SNAT --to-source 192.168.2.100
post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o vmbr0 -j SNAT --to-source 192.168.2.100
post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1
bridge_ports none
bridge_stp off
bridge_fd 0
ip-forward on
root@pve100:~#
root@pve100:~#
root@pve100:~# grep -r '' /etc/pve/sdn
/etc/pve/sdn/vnets.cfg:vnet: VNet1
/etc/pve/sdn/vnets.cfg: zone simple1
/etc/pve/sdn/vnets.cfg:
/etc/pve/sdn/subnets.cfg:subnet: simple1-10.10.10.0-24
/etc/pve/sdn/subnets.cfg: vnet VNet1
/etc/pve/sdn/subnets.cfg: dhcp-range start-address=10.10.10.110,end-address=10.10.10.149
/etc/pve/sdn/subnets.cfg: gateway 10.10.10.1
/etc/pve/sdn/subnets.cfg: snat 1
/etc/pve/sdn/subnets.cfg:
/etc/pve/sdn/pve-ipam-state.json:{"zones":{"simple1":{"subnets":{"10.10.10.0/24":{"ips":{"10.10.10.1":{"gateway":1},"10.10.10.102":{"vmid":"102","mac":"BC:24:11:3B:92:AF"},"10.10.10.101":{"vmid":"101","mac":"BC:24:11:F2:48:A0"}}}}}}}
/etc/pve/sdn/zones.cfg:simple: simple1
/etc/pve/sdn/zones.cfg: dhcp dnsmasq
/etc/pve/sdn/zones.cfg: ipam pve
/etc/pve/sdn/zones.cfg:
/etc/pve/sdn/.running-config:{"zones":{"ids":{"simple1":{"type":"simple","ipam":"pve","dhcp":"dnsmasq"}}},"vnets":{"ids":{"VNet1":{"zone":"simple1","type":"vnet"}}},"version":14,"subnets":{"ids":{"simple1-10.10.10.0-24":{"vnet":"VNet1","type":"subnet","dhcp-range":["start-address=10.10.10.110,end-address=10.10.10.149"],"snat":1,"gateway":"10.10.10.1"}}},"fabrics":{"ids":{}},"controllers":{"ids":{}}}
/etc/pve/sdn/mac-cache.json:{"macs":{"BC:24:11:3B:92:AF":{"ip4":"10.10.10.102"},"BC:24:11:F2:48:A0":{"ip4":"10.10.10.101"}}}

 

[arendNL]

at this moment all works fine again after that reboot

 

[arendNL]

Hi Stefan, i really appreciate your advise and help. Good learning curve for me. Ready to replace vmware with Proxmox